Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7971c2d6-d2af-472b-98c6-136e8edc0890.roa
File: 7971c2d6-d2af-472b-98c6-136e8edc0890.roa (raw, json)
Hash identifier: bPASroKYmEU7xkGZKq7VyGyVhX5mn9OQ6sRFqh9j0XE=
Subject key identifier: AF:60:8F:3D:17:FD:D8:76:0E:D1:B1:E8:9F:3E:38:27:9A:2F:D3:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7236812EBDC013486F5BA65C1099AB45E40AEF5F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7971c2d6-d2af-472b-98c6-136e8edc0890.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:36:81:2e:bd:c0:13:48:6f:5b:a6:5c:10:99:ab:45:e4:0a:ef:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b8:ed:17:96:9e:12:70:b2:70:63:71:88:3a:
ce:e8:93:70:fc:62:05:71:94:b4:2e:81:28:c1:de:
f2:c7:79:45:bf:58:b1:26:7a:38:59:14:3b:2a:8b:
ae:4b:2a:67:f4:de:60:1e:6a:a8:cd:50:42:ea:ff:
17:78:b0:18:7b:31:2e:1c:59:af:45:e3:fc:75:ad:
73:64:6d:bb:66:d3:d4:96:a7:8c:8a:1c:fc:66:6c:
f8:5e:9a:ee:a9:34:5a:4e:51:fe:65:b1:6e:41:48:
77:bb:54:47:9d:79:1a:ce:42:32:d7:74:2b:a1:ae:
db:11:8d:14:56:e0:1f:f7:26:49:e3:98:83:f1:87:
6f:13:25:0b:2c:f2:3b:17:b9:82:87:41:f4:6a:cd:
2d:e5:5b:0b:33:0d:c7:3c:da:ae:b3:e1:4d:27:13:
4e:04:2a:84:c8:ab:66:74:0b:f6:1a:c7:5f:f0:65:
bc:93:e7:72:c5:72:03:c1:2f:ef:07:26:4d:d9:d9:
3a:bd:a0:f7:bd:0f:46:7a:3a:ce:ee:13:73:fd:f1:
77:a2:e0:7a:5d:0b:37:c9:75:18:ad:18:70:32:d4:
aa:5a:31:f4:0a:8e:bf:a1:4b:af:e9:94:cd:78:4e:
77:a5:9c:73:f7:9f:88:4c:11:1d:1c:d8:27:aa:b3:
9f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:60:8F:3D:17:FD:D8:76:0E:D1:B1:E8:9F:3E:38:27:9A:2F:D3:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7971c2d6-d2af-472b-98c6-136e8edc0890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:f9:de:c9:67:40:b9:10:51:bb:df:7d:34:6e:b7:25:2a:3d:
08:57:74:b5:75:57:4e:15:3e:bd:4a:ba:3d:84:6b:50:1f:ed:
68:3d:7b:8e:17:0f:e1:4d:f2:a6:d4:75:c3:36:9c:f9:bc:bf:
0e:cf:bc:02:d8:c3:6e:20:c2:52:e5:80:46:dc:d8:85:05:bb:
97:d1:8d:96:18:44:3d:0e:18:ae:ff:a3:c1:55:10:69:bc:0b:
86:9d:7c:45:0a:f1:e3:11:64:ea:d1:36:1e:e0:bb:0c:ed:06:
32:92:3a:26:6b:4c:0e:64:3a:e7:30:82:0a:6b:dd:65:15:70:
9a:d5:95:30:08:26:43:a8:ab:db:1f:45:3a:85:ea:e0:e1:01:
a1:8d:27:1a:bd:5f:e1:b4:d3:f5:50:a0:bb:2c:6c:87:5e:e7:
d0:27:bc:fb:53:98:c4:cd:43:2e:d8:45:5a:c6:93:db:8b:77:
12:eb:98:66:a5:6c:39:7a:55:d1:70:39:ba:da:35:d9:bc:71:
7d:a6:4c:d9:46:74:79:ce:8c:c3:ce:2b:44:25:e9:83:67:db:
f1:66:13:7c:62:38:4c:5e:6c:ff:61:c3:48:85:62:a1:f8:33:
e7:03:33:8e:d0:a3:47:7f:b8:d1:3c:f7:ec:b4:9f:e5:fc:10:
cf:5b:28:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcjaBLr3AE0hvW6ZcEJmrReQK718wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ZmY5OWM3MTlhMTE0YjEyZjI5OGUxMjI2YzNiOWU1N2Q5MGUwNmViMTEx
OTc1ZTM5N2U3OGE1YjkxNTdkMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJO47ReWnhJwsnBjcYg6zuiTcPxiBXGUtC6BKMHe8sd5Rb9YsSZ6OFkUOyqL
rksqZ/TeYB5qqM1QQur/F3iwGHsxLhxZr0Xj/HWtc2Rtu2bT1JanjIoc/GZs+F6a
7qk0Wk5R/mWxbkFId7tUR515Gs5CMtd0K6Gu2xGNFFbgH/cmSeOYg/GHbxMlCyzy
Oxe5godB9GrNLeVbCzMNxzzarrPhTScTTgQqhMirZnQL9hrHX/BlvJPncsVyA8Ev
7wcmTdnZOr2g970PRno6zu4Tc/3xd6Lgel0LN8l1GK0YcDLUqlox9AqOv6FLr+mU
zXhOd6Wcc/efiEwRHRzYJ6qzn7UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvYI89
F/3Ydg7RseifPjgnmi/TUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk3MWMyZDYtZDJhZi00NzJiLTk4YzYtMTM2ZThlZGMwODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQAv+d7JZ0C5EFG73300brclKj0IV3S1dVdOFT69Sro9
hGtQH+1oPXuOFw/hTfKm1HXDNpz5vL8Oz7wC2MNuIMJS5YBG3NiFBbuX0Y2WGEQ9
Dhiu/6PBVRBpvAuGnXxFCvHjEWTq0TYe4LsM7QYykjoma0wOZDrnMIIKa91lFXCa
1ZUwCCZDqKvbH0U6herg4QGhjScavV/htNP1UKC7LGyHXufQJ7z7U5jEzUMu2EVa
xpPbi3cS65hmpWw5elXRcDm62jXZvHF9pkzZRnR5zozDzitEJemDZ9vxZhN8YjhM
Xmz/YcNIhWKh+DPnAzOO0KNHf7jRPPfstJ/l/BDPWyhA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:05 2025 by rpki-client